The emergence of a preventive cybersecurity paradigm that aims to eliminate the sources of cybercrime threats is becoming an increasingly necessary complement to the current self-defensive cybersecurity systems. One concern associated with adopting such preventive measures is the risk of privacy infringement. Therefore, it is necessary to design the future Internet infrastructure so that it can appropriately balance preventive cybersecurity measures with privacy protections. This research proposes to design the Internet infrastructure using the preventive cybersecurity measures of the Bright Internet, namely preventive cybersecurity protocol and identifiable anonymity protocol, and ten privacy rights derived from Europe's General Data Protection Regulations (GDPR). We then analyze the legitimacy of the five steps of the preventive cybersecurity protocol and the four features of the identifiable anonymity protocol from the perspectives of ten privacy rights. We address the legitimacy from the perspective of potential victims' self-defense rights. Finally, we discuss four potential risks that may occur to the innocent senders and proposed resilient recovery procedures.